<?php
session_start();
@mysql_connect('localhost','root','root');
mysql_select_db('blog');
mysql_set_charset('utf8');
$_POST['pwd'] = md5($_POST['pwd']);
$sql = "select * from `users` where `name` = '{$_POST['name']}' and `pwd` = '{$_POST['pwd']}'";
$res = mysql_query($sql);
while ($rows = mysql_fetch_assoc($res)) {
	$arr[] = $rows;
}
if($arr){
	echo '<script>alert("登陆成功");window.location.href="../index.php"</script>';
	$_SESSION['name']= $arr[0]['name'];
	$_SESSION['islogin']= 1;
}else{
	echo '<script>alert("登陆失败");window.location.href="login.php"</script>';

}